I have a facebook login script for my site that currently works fine. I want to add the ability to request the email from user, along with the current basic info. I know i need to request an access token, but icant quite figure out how. Here's my current code:
$facebook = new Facebook(array(
'appId' => APP_ID,
'secret' => APP_SECRET,
'cookie' => true
));
$session = $facebook->getSession();
if (!empty($session)) {
# Active session, let's try getting the user id (getUser()) and user info (api->('/me'))
try {
$uid = $facebook->getUser();
$user = $facebook->api('/me/');
You have to provide an extended permission for email at the time of login..
$access_token = $this->facebook->getAccessToken();
//check permissions list
$permissions_list = $this->facebook->api('/me/permissions', 'GET', array('access_token' => $access_token));
$permissions_needed = array('email');
foreach ($permissions_needed as $perm) {
if (!isset($permissions_list['data'][0][$perm]) || $permissions_list['data'][0][$perm] != 1) {
$login = $facebook->getLoginUrl(array('scope' => 'email,user_birthday',
'redirect_uri' => your site redirectUri,
'display' => 'popup'
));
header("location:$login");
}
}
$user = $facebook->getUser();
if ($user) {
try {
$userInfo = $facebook->api("/$user");
} catch (FacebookApiException $e) {
echo $e->getMessage();
}
}
print_r($userInfo);
Have a look at the server-side authentication process - this is where you pass through the permissions you want (known as "scope"). The user will be presented with a login panel if they are not already logged in, and then afterwards a separate permissions panel for any permissions above basic you are requesting and that they haven't already granted. You will then receive an auth token or a code that can be exchanged for a token, and you use this to then further query the user and get their email details in the response.
Good luck!
Related
I am creating fb login with the php ,
the problem is that the email of user is not returning from facebook,
FBID and USER NAME is returning.
The same code i have done for another project is working but for the new one is not working
the code is like this
require 'src/facebook.php'; // Include facebook SDK file
$facebook = new Facebook(array(
'appId' => 'XXXXXXXXXXX', // Facebook App ID
'secret' => 'XXXXXXXXXXXXXXXXX', // Facebook App Secret
'cookie' => true,
));
$user = $facebook->getUser();
if ($user) {
try {
$user_profile = $facebook->api('/me');
$fbid = $user_profile['id']; // To Get Facebook ID
$fbuname = $user_profile['username']; // To Get Facebook Username
$fbfullname = $user_profile['name']; // To Get Facebook full name
$femail = $user_profile['email']; // To Get Facebook email ID
/* ---- Session Variables -----*/
$_SESSION['FBID'] = $fbid;
$_SESSION['USERNAME'] = $fbuname;
$_SESSION['FULLNAME'] = $fbfullname;
$_SESSION['EMAIL'] = $femail;
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
if ($user) {
header("location:fblogin.php");
} else {
$loginUrl = $facebook->getLoginUrl(array(
'scope' => 'email', // Permissions to request from the user
));
header("location: " . $loginUrl);
}
$user_profile = $facebook->api('/me?fields=name,email');
It´s called "Declarative Fields", see changelog. Btw, you can´t get the username anymore.
I'm trying to run the sample code for Facebook connect that I downloaded from http://thinkdiff.net/facebook/php-sdk-3-0-graph-api-base-facebook-connect-tutorial/
I get this error message :
[error] => Array
(
[message] => An active access token must be used to query information about the current user.
[type] => OAuthException
[code] => 2500
)
You can try on my website : http://facebook.oliverjordan.net/thinkdiff
Here is the fbmain.php code :
<?php
//facebook application
$fbconfig['appid' ] = "463007877113xxx";
$fbconfig['secret'] = "-sensor-";
$fbconfig['baseurl'] = "http://facebook.oliverjordan.net/thinkdiff/index.php"; //"http://thinkdiff.net/demo/newfbconnect1/php/sdk3/index.php";
//
if (isset($_GET['request_ids'])){
//user comes from invitation
//track them if you need
}
$user = null; //facebook user uid
try{
include_once "facebook.php";
}
catch(Exception $o){
error_log($o);
}
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
//Facebook Authentication part
$user = $facebook->getUser();
// We may or may not have this data based
// on whether the user is logged in.
// If we have a $user id here, it means we know
// the user is logged into
// Facebook, but we don’t know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
$loginUrl = $facebook->getLoginUrl(
array(
'scope' => 'email,offline_access,publish_stream,user_birthday,user_location,user_work_history,user_about_me,user_hometown',
'redirect_uri' => $fbconfig['baseurl']
)
);
$logoutUrl = $facebook->getLogoutUrl();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
//you should use error_log($e); instead of printing the info on browser
d($e); // d is a debug function defined at the end of this file
$user = null;
}
}
//if user is logged in and session is valid.
if ($user){
//get user basic description
$userInfo = $facebook->api("/$user");
//Retriving movies those are user like using graph api
try{
$movies = $facebook->api("/$user/movies");
}
catch(Exception $o){
d($o);
}
//update user's status using graph api
//http://developers.facebook.com/docs/reference/dialogs/feed/
if (isset($_GET['publish'])){
try {
$publishStream = $facebook->api("/$user/feed", 'post', array(
'message' => "I love thinkdiff.net for facebook app development tutorials. :)",
'link' => 'http://ithinkdiff.net',
'picture' => 'http://thinkdiff.net/ithinkdiff.png',
'name' => 'iOS Apps & Games',
'description'=> 'Checkout iOS apps and games from iThinkdiff.net. I found some of them are just awesome!'
)
);
//as $_GET['publish'] is set so remove it by redirecting user to the base url
} catch (FacebookApiException $e) {
d($e);
}
$redirectUrl = $fbconfig['baseurl'] . '/index.php?success=1';
header("Location: $redirectUrl");
}
//update user's status using graph api
//http://developers.facebook.com/docs/reference/dialogs/feed/
if (isset($_POST['tt'])){
try {
$statusUpdate = $facebook->api("/$user/feed", 'post', array('message'=> $_POST['tt']));
} catch (FacebookApiException $e) {
d($e);
}
}
//fql query example using legacy method call and passing parameter
try{
$fql = "select name, hometown_location, sex, pic_square from user where uid=" . $user;
$param = array(
'method' => 'fql.query',
'query' => $fql,
'callback' => ''
);
$fqlResult = $facebook->api($param);
}
catch(Exception $o){
d($o);
}
}
function d($d){
echo '<pre>';
print_r($d);
echo '</pre>';
}?>
Can anyone help me?
You must ensure that your access token is active. Or maybe you're in logout condition. Or try to clean the cookies and cache from your browser (ctrl+shift+del)
Please check if you are getting any Facebook exceptions like
An active access token must be used to query information about the
current user.
which causes 0 as user id in return from $facebook->getUser().
So please check with getAccessTokenFromCode() from base_facebook.php and verify access_token_response format as it may be in JSON format.
So try to use appropriate decoding method to get $response_params['access_token'] from $access_token_response.
after get my posts in my web page , then if user login he can add like / comment to that post problem is am getting an error if any user try add like or comment
200 Permissions error
if i login in with my username and password i can make like or add comment !!
am sending like via :
jQuery.post('https://graph.facebook.com/'+comm_id+'/likes/',{
access_token : "<?php echo $access_token ?>"
});
CODE :
$facebook = new Facebook(array(
'appId' => '',
'secret' => '',
'cookie' => true,
));
$user = $facebook->getUser();
if ($user) {
if (session_id()) {
} else {
session_start();
}
$access_token = $facebook->getAccessToken();
//check permissions list
$permissions_list = $facebook->api(
'/me/permissions', 'GET', array(
'access_token' => $access_token
)
);
//check if the permissions we need have been allowed by the user
//if not then redirect them again to facebook's permissions page
$permissions_needed = array('publish_stream', 'read_stream', 'manage_pages');
foreach ($permissions_needed as $perm) {
if (!isset($permissions_list['data'][0][$perm]) || $permissions_list['data'][0][$perm] != 1) {
$login_url_params = array(
'scope' => 'publish_stream,read_stream,manage_pages',
'fbconnect' => 1,
'display' => "page",
'redirect_uri' => 'http://localhost/fb/index.php',
);
$login_url = $facebook->getLoginUrl($login_url_params);
header("Location: {$login_url}");
exit();
}
}
}else {
//if not, let's redirect to the ALLOW page so we can get access
//Create a login URL using the Facebook library's getLoginUrl() method
$login_url_params = array(
'scope' => 'publish_stream,read_stream,manage_pages',
'fbconnect' => 1,
'display' => "page",
'redirect_uri'=>'http://localhost/fb/index.php',
);
$login_url = $facebook->getLoginUrl($login_url_params);
//redirect to the login URL on facebook
header("Location: {$login_url}");
exit();
}
$logoutUrl = $facebook->getLogoutUrl();
which access token is for the user is loged in
Make sure you have the publish_stream permission for any user you want to be able to create posts for. Remember, creating a comment is still creating content.
Checkout the publish_stream permission on Facebook's permissions documentation
Enables your app to post content, comments, and likes to a user's
stream and to the streams of the user's friends. This is a superset
publishing permission which also includes publish_actions. However,
please note that Facebook recommends a user-initiated sharing model.
Please read the Platform Policies to ensure you understand how to
properly use this permission. Note, you do not need to request the
publish_stream permission in order to use the Feed Dialog, the
Requests Dialog or the Send Dialog.
Access to my developed website is done using facebook connect.
Everything is OK offline, but not online. I get a navigation error (using Chrome) "This webpage has a redirect loop" :
The webpage at https://www.facebook.com/dialog/oauth?client_id=209633612480053&redirect_uri=http%3A%2F%2Fwww.bluward.com%2Faccess%2Flogin_facebook&state=299262ddf89afbf382452df89c9a2ce8&scope=email%2C+user_birthday%2C+user_about_me%2C+user_location%2C+publish_stream&fbconnect=1#= has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
Here is the PHP code (using CodeIgniter framework):
public function login()
{
// Get the FB UID of the currently logged in user
$uid = $fb->getUser();
// If the user has already allowed the application, you'll be able to get his/her FB UID
if($uid) {
try {
$profile = $fb->api(array(
'method' => 'users.getinfo',
'uids' => $uid,
'fields' => 'uid, first_name, last_name, pic_square, pic_big, sex, birthday_date, current_location, email'
));
// Only the first user.
$profile = $profile[0];
} catch (FacebookApiException $e) {
return false;
}
// Do stuff when already logged in.
return $profile;
} else {
// If not, let's redirect to the ALLOW page so we can get access
redirect($this->getLoginUrl(array(
'scope' => 'email, user_birthday, user_about_me, user_location, publish_stream',
'fbconnect' => 1
)));
}
}
And depending on the profile info, I check if the user already exists on database, then log him/her, and if not exists on database, signup him/her.
Update:
When I clear Facebook cookies, the redirect to login page is successful, and I'm able to fill email/password.
Unfortunately, when I click "log in" button, I get the same error message as I displayed above.
It looks like your using and older version? Here is how i would handle issue with php-sdk 3.1.1 "the most current version".
require 'src/facebook.php';
$facebook = new Facebook(array(
'appId' => '135669679827333',
'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'
));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
if ($user) {
$logoutUrl = $facebook->getLogoutUrl();
} else {
$params = array(
scope => 'read_stream,publish_stream,publish_actions,read_friendlists',
//redirect_uri => $url
);
$loginUrl = $facebook->getLoginUrl($params);
echo '<script> top.location.href=\''.$loginUrl.'\'</script>';
};
I am trying to work out facebook connect based on this tutorial:
http://net.tutsplus.com/tutorials/php/how-to-authenticate-your-users-with-facebook-connect/
They have given you a few scripts to use to figure it out, this is the extended permissions one:
<?php
# We require the library
require("facebook.php");
# Creating the facebook object
$facebook = new Facebook(array(
'appId' => '...',
'secret' => '...',
'cookie' => true
));
# Let's see if we have an active session
$session = $facebook->getSession();
if(!empty($session)) {
# Active session, let's try getting the user id (getUser()) and user info (api->('/me'))
try{
$uid = $facebook->getUser();
# req_perms is a comma separated list of the permissions needed
$url = $facebook->getLoginUrl(array(
'req_perms' => 'email,user_birthday,status_update,publish_stream,user_photos,user_videos'
));
header("Location: {$url} ");
} catch (Exception $e){}
} else {
# There's no active session, let's generate one
$login_url = $facebook->getLoginUrl();
header("Location: ".$login_url);
}
When I execute this it lets me allow the extended permissions but then I get a redirect loop error. When I check in facebook it has granted extended permissions.
Now I tried to just implement it into the login script they gave, which is this
# We require the library
require("facebook.php");
# Creating the facebook object
$facebook = new Facebook(array(
'appId' => '...',
'secret' => '...',
'cookie' => true
));
# Let's see if we have an active session
$session = $facebook->getSession();
if(!empty($session)) {
# Active session, let's try getting the user id (getUser()) and user info (api->('/me'))
try{
$uid = $facebook->getUser();
$user = $facebook->api('/me');
} catch (Exception $e){}
if(!empty($user)){
# We have an active session, let's check if we have already registered the user
$query = mysql_query("SELECT * FROM users WHERE oauth_prov = 1 AND oauth_id = ". $user['id']);
$result = mysql_fetch_array($query);
# If not, let's add it to the database
echo $user['id'] . $user['name'];
if(empty($result)){
$query = mysql_query("INSERT INTO users (oauth_prov, oauth_id, username) VALUES ('1', {$user['id']}, '{$user['name']}')");
$query = mysql_query("SELECT * FROM users WHERE id = " . mysql_insert_id());
$result = mysql_fetch_array($query);
}
// this sets variables in the session
$_SESSION['id'] = $result['id'];
$_SESSION['oauth_uid'] = $result['oauth_id'];
$_SESSION['oauth_provider'] = $result['oauth_provider'];
$_SESSION['username'] = $result['username'];
} else {
# For testing purposes, if there was an error, let's kill the script
die("There was an error.");
}
} else {
# There's no active session, let's generate one
$login_url = $facebook->getLoginUrl();
header("Location: ".$login_url);
}
However, I don't know where it should go, as I would like to request permissions at the same time as the login to get the users details. If I put this:
try{
$uid = $facebook->getUser();
# req_perms is a comma separated list of the permissions needed
$url = $facebook->getLoginUrl(array(
'req_perms' => 'email,user_birthday,status_update,publish_stream,user_photos,user_videos'
));
header("Location: {$url} ");
} catch (Exception $e){}
After I set the session values then I don't even get to allow anything, it just hangs and I get a redirect error.
If I put it just after getting the facebook user_id then it gives me the allow dialog (although one after the other as its obviously asking twice, something I would like to stop) but then again gives me a redirect error, having granted the extended permissions
I really don't have a clue where to put it, the documentation for facebook is absolutely abysmal
Instead of this:
# req_perms is a comma separated list of the permissions needed
$url = $facebook->getLoginUrl(array('req_perms' => 'email,user_birthday,status_update,publish_stream,user_photos,user_videos'));
try:
$url = $facebook->getLoginUrl(array('scope' => 'email,user_birthday,status_update,publish_stream,user_photos,user_videos'));
for an complete example see the php-sdk:
https://github.com/facebook/php-sdk/blob/master/examples/example.php